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A METHOD AND A SYSTEM FOR TRANSMITTING A COOKIE. 
TECHNICAL FIELD 

The present invention relates to a method and a system for 
transferring cookie information between a client and a server. 
In particular the invention relates to an end-user or client 
having access to a small amount of memory and also to a system 
where the client communicates with the server over a channel 
having a limited bandwidth. 

BACKGROUND OF THE INVENTION AND PRIOR ART 

In today's Internet applications so called cookies are used more 
and more frequently. 

A cookie is a mechanism developed by the Netscape Corporation to 
make up for the stateless nature of the hyper text transfer 
protocol (HTTP) protocol. Normally , each time a browser requests 
the URL of a page from a Web server the request is treated as a 
completely new interaction. The fact that the request may be 
just the most recent in a series of requests as the user browses 
methodically through the site is lost. Although this makes the 
Web more efficient, this stateless behaviour makes it difficult 
to create things like shopping carts that must remember the 
user's actions over an extended period of time* 

Cookies solve this problem. A cookie is a small piece of 
information, often no more than a short session identifier, that 
the HTTP server sends to the browser when the browser connects 
for the first time. A cookie comprises a short instruction 
followed by a data field of up to 4 kbyte. Thereafter, the 
browser returns a copy of the cookie to the server each time it 
connects to the server, which issued the cookie. 

Typically the server uses the cookie to remember the user and to 
maintain the illusion of a session that spans multiple pag s. 
Because cooki s are not part of the standard HTTP specification, 
only some browsers support them, such as "Microsoft Internet 
Explorer 3.0 and higher, and Netscape Navigator 2.0 and higher. 
The server and/or its CGI scripts must also know about cookies 
in order* ttn r.aWp artvAnt»rr» n-F +-Vi«»tn 
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Cookies cannot be used to steal information about a computer 
system, i.e. they cannot enter a computer system and return with 
information from it. They can only be used to store information 
that is provided at some point. Thus, for example, if one fills 
out a form giving a preferred colour, a server can turn this 
information into a cookie and send it to the browser used. The 
next time the browser contacts the site, the browser will return 
the cookie, allowing the server to alter background colour of 
its pages to suit the preferences of the user. 

However, the information contained in the cookies can of course 
be intercepted when transferred on the internet. This may not 
pose such a big problem when the information is transferred on a 
wireline network or when the information is of a harmless 
nature, such as colour preferences. 

In some cases the information contained in the cookies is 
confidential and also it sometimes may have to be transmitted 
over a wireless network, for example when the end user is using 
a mobile terminal, such as a lap top computer or any other 
computer communicating via modem over a wireless network. In 
such a case the confidential information can be eavesdropped 
fairly easy, since the information is, at least partly, 
transmitted over an air interface, where it can be intercepted 
by a number of different equipment. 

Also there is a problem associated with the transmission of 
cookies from different sites since the site cannot determine 
whether or not the user terminal to which the cookie is sent can 
receive and store the cookie. Thus, for example, in some hand- 
held user terminals the amount of memory is very limited and if 
many sites transmit cookies to such a user terminal, the memory 
of such a terminal will quite quickly be full of cookies and 
other, more important, information cannot be stored. 

SUMMARY 

It is an object of the present invention to overcome the problem 
associated with transmission cookies to a user terminal having a 
very limited memory and also to reduce the risque for cookie 
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information to be eavesdropped as outlined above. 

This object and others are obtained by locating a proxy server 
between an end-user and a remote server, which can intercept and 
store cookies transmitted from a remote server to the user 
terminal. 

Thus, when a remote HTTP server or the like is contacted by a 
user terminal and the remote server transmits a cookie to the 
user terminal, the cookie is intercepted and stored in the proxy 
server. Information regarding the remote server, e.g. its URL 
and an identification identifying the user terminal or the user 
is stored together with the cookie. The next time the user 
terminal or the user accesses the same HTTP server the proxy 
server matches the requested URL and the identification 
information and in this manner finds the stored cookie. The 
cookie is then added to the request message so that the remote 
server is accessed with a copy of the cookie as desired. 

In this manner the cookies do not need to be stored in the user 
terminal, which may have a small memory and which therefore is 
not suited for storing cookies. Furthermore, when the user 
terminal is a mobile terminal the cookie is not transmitted over 
an air- interface, thereby reducing the amount of data 
transmitted over the air interface significantly. 

BRIEF DESCRIPTION OF THE DRAWINGS 

The present invention will now be described in more detail by 
way of non-limiting examples and with reference to the 
accompanying drawings, in which: 

- Fig. 1 is a general view of a transmission system comprising a 
mobile user terminal. 

- Fig. 2 is a flow chart illustrating the steps carried out in a 
proxy server when receiving a URL request from a user terminal. 

DESCRIPTION OF PREFERRED EMBODIMENTS 

In Fig. 1 a general view of a communication network is shown. 
The network comprises a user terminal 52 having a web browser 
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54. The user terminal 52 also comprises a wireless modem 58, by 
means of which the user terminal 52 can connect to a radio base 
station 60. The radio base station 60 is connected to a remote 
proxy server 66, which preferably is located at a central 
location of the transmission system, for example the Home 
Location Register (HLR) if the system is a GSM-system. The proxy 
server 66 comprises or is connected to a memory 72 for storing 
information regarding cookies, which is transmitted via the 
proxy server 66. The proxy server 66 is connected to the World 
Wide Web (WWW) or the Internet 68 to which a number of remote 
servers 70 are connected. 

The proxy server 66 can also be located at other locations in 
the system or distributed over the system. For example, if the 
transmission system is a GSM-system the cookie information can 
be stored at the Visiting Location Register (VLR) or even cd- 
located with the radio base station. 

In a preferred embodiment for a GSM system the proxy server 66 
is located together with the HLR and the VLR and possibly also 
some of the radio base stations are provided with cache servers 
for caching cookie information. Similar arrangements can of 
course be made for other cellular radio systems. 

When the user terminal 52 accesses a site for the first time in 
such a remote server 70, a cookie may be transmitted back 
towards the user terminal 52. As stated above a cookie is a 
small piece of information, often no more than a short session 
identifier, that the HTTP server sends to the browser and may 
consist of up to 4 kbyte of information. 

The cookie is intercepted by the proxy server 66, which stores 
the cookie together with information regarding the URL that has 
issued the cookie and an identification identifying the user 
terminal 52. The cookie will then not have to be transmitted 
over the wireless network, which usually has a very small 
bandwidth, typically 4.8 kbit/s, which will reduce the 
transmission tim . Also, there will be no need for storing the 
cookie in the user terminal 52, which may be a hand-held 
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computer such as the MC-16 manufactured by the company Ericsson , 
or a smart -phone, which may have a very limited memory. 

The next time the user terminal 52 accesses the same site that 
issued the cookie, the proxy server 66 will identify the user 
terminal 52, and check which site or URL (Uniform Resource 
Locator) the user is accessing. If the site has been accessed 
previously the proxy server will be able to match the identity 
with the URL and thereby find the cookie associated with that 
particular URL. 

The proxy server 66 then adds the cookie to the request from the 
user terminal 52 to the server 70. The remote server 70 will 
then receive a connection request together with a cookie as if 
the cookie had been returned from the browser itself. In this 
manner data traffic over the wireless, low bit-rate part of the 
access path is reduced and the memory requirement on the user 
terminal 52 can be reduced. 

In Fig. 2 a flow chart of the actions performed in the remote 
proxy servers when a connection request is received from the 
user terminal towards a remote server 70 connected to the 
internet is shown. Thus, first in a block 201 the request from 
the user terminal 52 is received. Next, in a block 203 the URL, 
which the user terminal wants to access is read from the 
request. Thereupon, in a block 205 the identification of the 
user terminal or user is determined. 

The results of the actions performed in the blocks 203 and 205 
are then used in a block 207 to determine if the URL previously 
has been requested or visited by that particular user terminal. 
Thus, in the block 207 it is checked if there is a cookie stored 
in the memory 72, which cookie is associated with that 
particular URL and that particular identification. 

If there is a match, i.e. the server previously has stored a 
cookie for that particular user corresponding to that particular 
URL, the cookie is added to the request in a block 209 and the 
request is then forwarded towards the remote server under which 
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the requested URL is located. If, on the other hand, there is no 
match in the block 207, i.e. that particular URL is accessed for 
the first time by that particular user, the request is directly 
forwarded towards the server 70 in the block 211. 

Thus, by storing cookie information in a proxy server, the 
cookies do not need to be stored in the user terminal, which in 
many cases have a small memory and which therefore is not suited 
for storing cookies. Furthermore, when the user terminal is a. 
mobile terminal, the cookie is not transmitted over an air- 
interface, thereby reducing the amount of data transmitted 
significantly. Also, the risque of interception of data is 
reduced by the method and system as described herein. 



WO 99/64967 



7 



PCT/SE99/00992 



CLAIMS 

1. A transmission system comprising a user terminal having a 
browser, which can connect to a remote server, characterized by 
a proxy server interconnected between the user terminal and the 
remote server arranged to intercept and to store a cookie 
transmitted from the remote server to the user terminal* 

2. A system according to claim 1, characterized in that the 
proxy server is arranged to store the cookie together with 
information regarding the identity of the user terminal or 
information regarding the user and information regarding the URL 
that has issued the cookie. 

3. A system according to any of claims 1 or 2, when the user 
terminal and the remote server communicate, at least partly, 
over a wireless connection via a radio system, characterized in 
that the proxy server is connected to the radio base stations of 
the radio system. 

4. A system according to claim 3, characterized in that the 
proxy server is co-located with a central register of the radio 
system. 

5. A system according to claim 4, characterized in that the 
cookie information is cached at other locations in the system. 

6. A system according to any of claims 4 or 5, when the radio 
system is a GSM-system, characterized in that the proxy server 
is co-located with the Home Location Register (HLR) of the GSM- 
system. 

7. A method of transmitting a cookie in a system comprising a 
user terminal having a browser, which can connect to a remote 
server, via a proxy server interconnected between the user 
terminal and the remote server, charact riz d in that a cookie 
transmitted from the remote server to the user terminal are 
intercept d and stored by the proxy server. 
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8. A method according to claim 7, charact rized in that the 
proxy server stores the cookie together with information 
regarding the identity of the user terminal or information 
regarding the user and information regarding the URL that has 
issued the cookie (s). 

9* A method according to any of claims 7 or 8, when the user 
terminal and the remote server communicate, at least partly, 
over a wireless connection via a radio system, characterized in 
that the proxy server communicates via a high bit rate 
connection with the radio base stations of the radio system. 

10. A method according to claim 9, characterized in that the 
proxy server is co-located with a central register of the radio 
system, 

11. A method according to claim 10, characterized in that the 
cookie information is cached at other locations in the system. 

12. A method according to any of claims 10 or 11, when the radio 
system is a GSM-system, characterized in that the proxy server 
is co-located with the Home Location Register (HLR) of the GSM- 
system. 
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